CVE-2020-27835 - log back

CVE-2020-27835 edited at 12 Dec 2020 22:51:23
References
https://bugzilla.redhat.com/show_bug.cgi?id=1901709
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/infiniband/hw/hfi1/mmu_rb.c?id=3d2a9d642512c21a12d19b9250e7a835dcb41a79
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5732f83596f8a573f2cde814cc76a54e1a8995c7
CVE-2020-27835 edited at 10 Dec 2020 14:27:30
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ A use after free was found in the Linux kernel InfiniBand hfi1 driver in the way a user calls ioctl after opening the dev file and forking. A local user could use this flaw to crash the system.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1901709
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/infiniband/hw/hfi1/mmu_rb.c?id=3d2a9d642512c21a12d19b9250e7a835dcb41a79
Notes
+ Workaround
+ ==========
+
+ The issue can be mitigated by preventing the module hfi1 from being loaded:
+
+ # echo 'blacklist hfi1' > /etc/modprobe.d/CVE-2020-27835.conf
CVE-2020-27835 created at 10 Dec 2020 14:22:33